Unfixed XSS vulnerability at www.cezafan.com

2007-02-25T00:00:00
ID XSSED:1232
Type xssed
Reporter A.D.T
Modified 2007-02-03T00:00:00

Description

Security researcher A.D.T, has submitted on 25/02/2007 a cross-site-scripting (XSS) vulnerability affecting www.cezafan.com, which at the time of submission ranked 80642 on the web according to Alexa.
We manually validated and published a mirror of this vulnerability on 02/03/2007. It is currently unfixed.
If you believe that this security issue has been corrected, please send us an e-mail.

Vulnerable URL: http://www.cezafan.com/web/goster_normal.asp?klasor=galeri/Graffitileriniz&dosya=%3Cbody%20onload=%22document.body.innerHTML='%3Cimg%20src=http://palovera.org/sus3.jpg%3E%3C/img%3E';%22%3E&dosya_no=-1